Tag Archives: Cybercrime

VIF Cyber Review: May 2022


CERT-In issued advisory on Mobile-based Malware

On 30 May 2022, Indian Computer Emergency Response Team (CERT-In) issued advisory on mobile-based malware, along with methods and countermeasures. With the advent of smartphones and high-speed Internet connection, mobile accounts for more than 50 per cent of the Internet traffic worldwide, making it a worthwhile attack surface for cybercriminals.

The advisory included methods through which cybercriminals carried out activities, including fake applications, On-device fraud, Bypassing App store, fake calls, and where mobile-based malware are also using design practices like accessibility engines, infrastructure and C2 protocols that enable them to update their capabilities. Along with, the advisory also suggested countermeasures and best practices for users, including keeping OS (Operating System) and applications updated, use of strong authentication such as biometric and PIN, safe browsing practices, deleting data before discarding the device. [1]

Cisco Launched a tool of SMBs to assess Cyber Security Readiness

Cisco, on 26 May 2022, launched a cyber security tool for Small and Medium-sized Businesses (SMBs) based in Asia-Pacific region to assess their cyber security readiness amid of hybrid work environment. The tool’s concept is based on the premise that no attempt to access an organisation’s network architecture can succeed until trust is verified. As per Cisco’s cyber security for SMBs: Asia-Pacific businesses prepare for digital defense study, 62 per cent of Indian SMBs suffered cyber incidents in 2021 and cyber-attacks cost their business over ₹ 3.5 crore. Around 74 per cent SMBs also reported 85 per cent of customer information loss in cyber incidents.

“When a user accesses an application using a device, both the user and device are verified, with that trust continuously monitored. This helps secure the organisation’s applications and environments from any user, device, and location,” read the statement released by Cisco. The threat landscape for the SMBs becoming more sophisticated due to the digitisation at speed, therefore, securing their businesses is one of the top priorities for SMBs. “With new tool, the SMBs will ensure end-to-end protection across their workforce, and the workplace, with adoption of a zero-trust strategy to manage and strengthen their cyber security posture in a cloud-first world,” said Cisco India & SAARC’s Senior Director (System Engineering)— Anand Patil.[2]

The 7th Edition of India-Japan ICT Joint Working Group meeting recognised the importance of India-Japan Digital Partnership

On 13 May 2022, V L Kantha Rao (Additional Secretary, Department of Telecommunications, India) and Sasaki YUJI (Vice-Minister for Policy Coordination— International Affairs, Japan) virtually co-chaired the 7th edition of India-Japan ICT Joint Working Group (JWG) under the India-Japan ICT Comprehensive Cooperation Framework. Senior representatives from both governments and non-governmental stakeholders from industry, R&D, and Academia attended the meeting.

Recalling the India-Japan Summit held in March 2022, both sides recognised the need to strengthen the growing cooperation under India-Japan digital partnership, with a vision to enhance digital economy through promotion of joint projects for digital transformations. The JWG discussions were focused on enhancing further cooperation in various fields like 5G, Open RAN, Telecom Network Security, submarine cable systems, and Quantum Communications. [3]

Government of India proposed to set up India Data Management Office

Under the Digital India Corporation, India’s Ministry of Electronics and Information Technology (MeitY) will set up an India Data Management Office (IDMO), which will be responsible for framing, managing, reviewing, and revising the National Data Governance Framework Policy. The draft of the National Data Governance Framework Policy was released by the MeitY, seeking public comments on the draft till 11 June 2022.

The earlier version of the policy— India Data Accessebility and Use Policy had faced many criticism from experts, who believed that there was a lack of security safguards for anonymization, privacy infringement, and economic incentivisation. As per the draft of the data governance framework, the IDMO will design and manage the India Datasets platform which will in turn handle the requests of Indian researchers and start-ups which require access to non-personal or anonymised datasets. [4]

CERT-In issued discovery of Remote Code Execution (RCE) vulnerability in Apple products

On 20 May 2022, the Indian Computer Emergency Response Team (CERT-In) highlighted a Remote Code Execution (RCE) vulnerability in Apple watchOS, tvOS, and macOS, affecting Apple Watch, Apple TV, and Apple Mac systems. The vulnerability existed due to an out-of-bounds write issue in the AppleAVD component. Successful exploitation of this vulnerability may allow a remote attacker to execute arbitrary code with kernel privileges on the targeted system.[5]


Canada to ban China’s Huawei and ZTE from its 5G/4G networks

Following to the review by Canada’s independent security agencies and consultation with ‘closest’ allies, the Government of Canada decided to ban China’s Huawei and ZTE products and services from Canada’s 5G/4G communication networks. In a statement released on 19 May 2022, the Minister of Innovation, Science and Industry— Francois-Philippe Champagne has stated that “the Government of Canada is ensuring a long term safety of telecommunication infrastructure. As a part of that, the government intends to prohibit the inclusion of Huawei and ZTE products and services in Canada’s telecommunication systems.” [6]

As per the decision, the companies that already using the Huawei and ZTE equipment installed in their networks would be required to cease its use and remove it. The implementation of these measures are part of a broader agenda to promote security of Canada’s telecommunications networks, in consultation with industry.

Mastercard strengthen cyber security consulting practice with new Cyber Front threat simulation platform

In recent years, Mastercard invested in risk quantification, Always-On security monitoring and fraud prevention, to help its customers strengthen their cyber resilience. On 24 May 2022, Mastercard made an announcement of launching a new attack simulation and assessment platform— Cyber Front. The platform will assist businesses and governments enhance their cyber security operational resilience. Cyber Front is enabled by a strategic minority investment in Picus Security.

By leveraging a continuously updated library of more than 3,500 real-world threat scenarios, the Cyber Front highlights security gaps and provides mitigation insights in real-time so that organisations can improve upon security investments with continuous validation. The goal of Cyber Front is for organisations to understand if their current systems are effective and identify areas of exposure to ensure greater protection in both— immediate and long term.[7]

Spanish Prime Minister’s phone hacked with Pegasus tool

On 02 May 2022, the Spanish government informed that Prime Minister (PM) Pedro Sanchez’s phone was hacked with Pegasus software. Earlier, in May-June 2021, Spanish Defence Minister— Margarita Robles’ phone was also hacked using the same software. Pegasus software is an Israel-made digital hacking tool to snoop on phone communication.

Researchers investigate and revealed that in April 2022, several political figures in Catalonia were victims of digital espionage. [8] It is assumed that top European Union (EU), the United Kingdom (UK), Poland and Hungary officials may also been targeted with Pegasus software. The use of digital hacking tools such as Pegasus has helped security officials around the world fight crime and ward off national security concerns, therefore, European governments have been wary of delving into the intricacies of spyware programs.[9]

Amid foreign hacking threats, Pentagon contractors looking for software flaws through VDP

Considering Russia and China’s efforts to steal sensitive data from the United States (US) defence industrial base, Pentagon’s pilot program discovered an array of software vulnerabilities with dozens of defence contractors. The objective of pilot program— “Vulnerability Disclosure Program” (VDP) is to identify and fix flaws in the e-mail programs, mobile devices and industrial software used by the Pentagon’s defence contractors before hackers can take advantage of these vulnerabilities.

“We really wanted to focus on those smaller defence contractors that may not have the budget and resources,” said Melissa Vice, interim director of the Department of Defense (DoD) Cyber Crime Centre’s DoD VDP. In the business sector, VDPs are widespread practise, in which vetted cyber professionals scan systems for defects and report them internally. The Pentagon has been running a VDP since 2016, but after the pilot, the intention is to permanently expand the programme to include defence contractors.[10]

Cybercriminals used call forwarding technique to obtain WhatsApp accounts

Cybercriminals used call forwarding as a technique, allowing them to hijack a targeted WhatsApp account and gain control to messages and contact list. The method relied on the mobile carriers’ automated service to forward calls to a different phone number, and WhatsApp’s option to send a OTP (One-Time Password) verification code via voice call.

According to the founder and CEO of ‘CloudSEK’— a digital risk protection company— Rahul Sasi, after knowing the targeted WhatsApp account number and some social engineering, the attacker convinced the victim to make a call to a number that starts with Man Machine Interface (MMI) code that mobile carrier set up to enable call forwarding. A separate MMI code can send all calls to a terminal to a different number or merely when the line is busy or there is no reception, depending on the carrier. “First, you receive a call from the attacker who will convince you to make a call to the following number **67* or *405* (subject to be vary as per the mobile carrier). Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account”, said Rahul Sasi.

As a protection against such attack, turning on Two-Factor Authentication (TFA) protection in WhatsApp is an effective measure. By requiring a PIN (Personal Identification Number) whenever you register a phone with the messaging app, this feature prevents malicious actors from gaining control of the account.[11]

Endnotes :

[1]India. “CERT-In Advisory CIAD-2022-0014”, Indian Computer Emergency Response Team, 30 May 2022, Available from: https://cert-in.org.in/
[2]“Cisco launches new tool for SMBs to assess their cyber security readiness”, Financial Express, 26 May 2022, Available from: https://www.financialexpress.com/industry/sme/msme-tech-cisco-launches-new-tool-for-smbs-to-assess-their-cybersecurity-readiness/2538348/
[3]India. “7th India-Japan ICT Joint Working Group meeting held under India-Japan ICT Comprehensive Cooperation Framework”, Press Information Bureau- Ministry of Communication, 13 May 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1825159
[4]ET Tech. “Government proposes to set up India Data Management Office”, ET Telecom, 28 May 2022, Available from: https://telecom.economictimes.indiatimes.com/news/government-proposes-to-set-up-india-data-management-office/91846155?utm_source=Mailer&utm_medium=ET_batch&utm_campaign=ettelecom_news_2022-05-28&dt=2022-05-28&em=YW51cmFnQHZpZmluZGlhLm9yZw==
[5]India. “Remote Code Execution vulnerability in Apple products”, Indian Computer Emergency Response Team , 20 May 2022, Available from: https://cert-in.org.in/
[6]Canada. “Statement from Minister Champagne on telecommunications security”, Ministry of Innovation, Science and Industry, 19 May 2022, Available from: https://www.canada.ca/en/innovation-science-economic-development/news/2022/05/statement-from-minister-champagne-on-telecommunications-security.html
[7] “Another arrow in the quiver: Mastercard strengthens cybersecurity consulting practice with new cyber front threat simulation platform”, Mastercard, 24 May 2022, Available from: https://www.mastercard.com/news/press/2022/may/another-arrow-in-the-quiver-mastercard-strengthens-cybersecurity-consulting-practice-with-new-cyber-front-threat-simulation-platform/
[8]Aarup, Sarah Anne. “Pegasus spyware targets top Catalan politicians and activists”, Politico, 18 April 2022, Available from: https://www.politico.eu/article/pegasus-spyware-targets-top-catalan-politicians-and-activists/
[9]Manancourt, Vincent. “Hack of Spanish PM’s phone deepens Europe’s spyware crisis”, Politico, 02 May 2022, Available from: https://www.politico.eu/article/pegasus-hacking-spyware-spain-government-prime-minister-pedro-sanchez-margarita-robles-digital-espionage-crisis/
[10]Lyngaas, Sean. “Pentagon contractors go looking for software flaws as foreign hacking threats loom”, CNN, 02 May 2022, Available from: https://edition.cnn.com/2022/05/02/politics/pentagon-defense-contractors-software-flaws/index.html
[11]Ilascu, Ionut. “Hackers steal WhatsApp accounts using call forwarding trick”, Bleeping Computer, 31 May 2022, Available from: https://www.bleepingcomputer.com/news/security/hackers-steal-whatsapp-accounts-using-call-forwarding-trick/

VIF Cyber Review: December 2021


Government to set up a unified Cyber Security Task Force by March 2022

Considering the growing threat of cyber-attacks, furthering national security, the Government of India (GoI) is in the process to establish a unified national-level Cyber Security Task Force (CSTF), with a significant focus on the cyber risks emanating from the telecom sector. A sub-department for telecom security will be setup under the unified CSTF, likely by March 2022.

At present, the cyber threats are handled by the Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology (MeitY). As the cyber threats are more dynamic and sophisticated, the government felt the need to have a specialised task force that works on domestic inputs on cyber threats and analyses the information received from allied nations from across the world.[1]

“India is keen to welcome all Semiconductor firms to explore investment opportunities in India”: Minister of State for Electronics & IT

“After India announced a ₹ 76,000 crore Semiconductor scheme, there is an interest level among global semiconductor firms to made investments in India. India is looking forward to having Intel, Taiwan Semiconductor Manufacturing Company (TSMC), Samsung and other technology major firms investing in the country,” said Minister of State for Electronics & Information Technology (MoS-IT)— Rajeev Chandrashekhar. The investment-related guidelines will be issued in early January 2022 on modalities of applying for semiconductor incentives, and the applicants will be given about 45-90 days to respond.

In December 2021, the Government of India (GoI) approved the ‘semiconductor scheme’ to promote semiconductor and display manufacturing in India. The scheme is expected to visualise India’s ambitions to be self-reliant in electronics manufacturing and result in at least 35,000 jobs apart from indirect employment for 100,000 people. Under the scheme, incentives will be lined up for firms engaged in silicon semiconductor fabs, display fabs, compound semiconductors, silicon photonics, sensors fabs, semiconductor packaging, and design. In the next four years, the semiconductor incentive scheme will likely bring investments of around ₹ 1.7 lakh crore and provide 1.35 lakh jobs in India.[2]

India-Vietnam signed agreements to strengthen cooperation in the field of Information Technology

During his visit to India on 16 December 2021, Vietnam’s Minister for Information and Communication— Nguyen Manh Hung, met India’s Minister of State for Electronics and Information Technology (MoS IT) & Skill Development and Entrepreneurship— Rajeev Chandrashekhar and exchanged views on several initiatives to strengthen the digital economy and further enhance Information & Communications Technology (ICT) trade and cooperation between India and Vietnam.

Both Ministers signed the India-Vietnam Memorandum of Understanding (MoU) which intends to promote active cooperation and exchange between private stakeholders, Governments, and institutions in enhancing capacity building and Public-Private organisations of both nations in the field of ICT. India’s ‘digital government’ initiatives and the fast-emerging technology start-up ecosystem have shown resilience and maturity not only to meet the challenges of this Coronavirus pandemic but are now role models for other developing and less developed countries.[3]

MeiTY organised the ‘25th CISO Deep Dive’ training programme under the Cyber Surakshit Bharat initiative

With a vision of strengthening the cyber security ecosystem in Government establishments under India’s Cyber Surakshit Bharat initiative, the National e-Governance Division under the Ministry of Electronics & Information Technology (MeitY) organised a six-day ‘Deep Dive’ training programme for Chief Information Security Officers (CISOs) and frontline Information Technology (IT) officials from various Ministries and Departments, Government and Semi-Government organisations from Central & State governments, Public Sector Undertakings (PSUs), Banks, and other establishments.

The training programme equipped CISOs with a better understanding of the emerging cyber threat landscape and best practices in cyber security to translate the benefits of secure cyberspace to respective organisations and citizens. “It is expected that the training will provide the necessary exposure to the latest tools and technologies in the cyber security and requirement for legal compliance. The knowledge gained during training can help the CISOs and other participants to prepare Cyber Security Policies (CSPs) and Cyber Crisis Management Plan (CCMP) for respective organisations,” said Tulika Pandey— Director at Cyber Security Division, MeitY.

Highlighting the trend of cyber-attacks in India, Amitesh Kumar Sinha— Joint Secretary, e-Governance at MeitY, informed that “cyber fraudsters are using the COVID-19 pandemic as a cyber-attack vector for their notorious gains. During the COVID-19 time, there has been a surge in cyber incidences. The primary attacks have been phishing attacks to steal information and drop malware.  The attackers devise new strategies to target victims with scams or malware campaigns. This workshop is an opportunity to understand how CISOs and other IT officials should approach this entire problem.”[4]

Joint Parliamentary Committee submitted report on the ‘Personal Data Protection Bill 2019’

On 16 December 2021, the Joint Parliamentary Committee (JPC) submitted their report on the ‘Personal Data Protection Bill 2019’, in both Houses of the Parliament— the Upper House (Rajya Sabha) and the Lower House (Lok Sabha). The JPC report— running over 500 pages has proposed several key amendments. One of the key recommendations of the report is that non-personal data be included in the Bill. “As soon as the provisions to regulate non-personal data are finalised, there may be a separate regulation on non-personal data in the Data Protection Act to be regulated by the Data Protection Authority (DPA),” read the report. Emphasising on the data localisation, the report recommends that no social media platform be permitted to operate in India unless the parent company in-charge sets up an office in India.

Along with consideration on key issues, such as statutory body for media regulation, safety of financial transactions, data localisation, and data breaches, the report recommended that the Bill shall be named as ‘Data Protection Bill 2019’. The Bill is likely to be discussed in the Budget Session of the Parliament.[5]

Indian CERT issued advisory on multiple vulnerabilities in Apache Log4j

On 10 December 2021, The Indian Computer Emergency Response Team (CERT-In) issued advisory on multiple vulnerabilities— Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-44832, CVE-2021-4104, and CVE-2021-45046), Denial of Service Vulnerability (CVE-2021-45105) discovered in Apache Java logging library Log4j which could allow a remote attacker to gain full access or control and perform a Denial of Service (DoS) attack on the targeted servers. The vulnerability existed in ApacheLog4j versions due to failure to protect from uncontrolled recursion from self-referential lookups. A remote unauthenticated attacker could exploit this vulnerability by injecting a crafted malicious payload that contains recursive lookup, resulting in a DoS condition.[6]

According to Check Point – a cyber security firm, the Log4j vulnerability prompted to 100 new hacking attempts every minute. The firm had monitored the attempts to exploit the vulnerability on over 40 per cent of corporate networks worldwide. The Apache Software Foundation—which oversees the Log4j code, released a fix for the vulnerability, along with rating the issue “10”— the highest level of seriousness. “This is the third really serious flaw that has affected a wide range of Internet services: Heartbleed in 2012, ShellShock in 2014 and Log4Shell in 2021,” said John Graham-Cumming— Chief Technology Officer (CTO) at the Cloudflare.[7]

Separately, Microsoft warned that some nation-state supported hacking groups are using Log4shell. “Multiple tracked nation-state activity groups originating from China, Iran, North Korea, and Turkey, are utilising the vulnerability for activities from ‘experimentation’ to targeted attacks,” read the statement released by the Microsoft.[8]


UK and US intelligence chiefs discussed enduring combined cyber operations

In the meeting— ‘Cyber Management Review’ hosted at Fort Meade, Maryland, United States (US), Sir Jeremy Fleming— Director, United Kingdom (UK)’s Government Communications Headquarters (GCHQ) and General Sir Patrick Sanders— Commander of the UK Strategic Command, discussed on the joint commitment to disrupt and deter emerging cyber threats, with General Paul Nakasone— Director, United States (US)’ National Security Agency (NSA) and Commander of the US Cyber Command.

The annual forum enables the UK and US to develop world-class cyber capabilities, improve cyber defences, and impose costs for malicious cyber activity. “We [UK & US] agree that strategic engagement in cyberspace is crucial to defending our way of life by addressing these evolving threats with a full range of capabilities. To carry this out, we will continue to adapt, innovate, partner, and succeed against evolving threats in cyberspace,” read the joint statement released by the UK and US intelligence and defence chiefs.[9]

Japanese firms targeted by Chinese state-backed hackers with ‘Flagpro’ malware

China’s state-supported ‘BlackTech’— a cyber-espionage APT (Advanced Persistent Threat) group has targeted several Japanese companies from various sectors, including defence technologies, media, and communications, using malware— ‘Flagpro’. According to the report submitted by NTT Security, Flagpro malware was deployed against Japanese firms for more than a year since October 2020.

The threat actor deployed Flagpro in the initial stage of an attack for network recce, evaluating the target’s cyber environment, and downloading second-stage malware and executing it. As modus operandi, a phishing e-mail crafted for the target organisation, pretending to be an e-mail from a trustworthy partner. The e-mail carries a password-protected ZIP or RAR attachment that contains a Microsoft Excel file (.XLSM) equipped with a malicious macro. Running this code creates an executable in the start-up directory, the Flagpro.

Flagpro connects to the C2 server via HTTP and sends system ID details obtained by running hardcoded OS commands on its first execution. In response, the C2 server can send back additional commands or a second-stage payload that Flagpro can execute. The BlackTech APT was spotted by Trend Micro researchers in 2017 and is associated with China. The BlackTech APT generally targets Taiwan and occasionally attacks companies in Japan and Hong Kong to steal technology.[10]

Europol’s EC3 arrested a Romanian in connection with a Ransomware affiliate scavenging for sensitive data

In a joint operation with Romanian National Police (Politia Romana) and the United States (US)’ Federal Bureau of Investigation (FBI), the Europol’s European Cyber Crime Centre (EC3) arrested a Romanian national in connection with a Ransomware affiliate targeting high-profile organisations and companies for their sensitive data.

After compromising the network of a large Romanian IT company that delivers services to clients in retail, energy, and utilising sectors, the cyber-criminal has deployed ransomware and stealing sensitive data from the company’s clients in Romania and abroad before encrypting their files. Later, the cyber-criminal asks for a hefty ransom payment in cryptocurrency, threatening to leak the stolen data on cybercrime forums should his demands not be met.[11]


[1]Doval, Pankaj. “Unified cyber security task force by March: Source”, The Economic Times- Telecom, 20 December 2021, Available from: https://telecom.economictimes.indiatimes.com/news/unified-cyber-security-task-force-by-march-source/88381159 . Accessed on 23 December 2021.

[2]PTI. “We’ll love to see Intel, TSMC, Samsung, and other semiconductor giants invest in India: MoS IT”, The Economic Times- Telecom, 29 December 2021, Available from: https://telecom.economictimes.indiatimes.com/news/well-love-to-see-intel-tsmc-samsung-other-semiconductor-giants-invest-in-india-mos-it/88556288 . Accessed on 31 December 2021.

[3]Ministry of Electronics & IT, India-Vietnam signs agreement to extend cooperation in the field of Information Technology, Release ID: 1782377 (India, 2021), Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1782377 . Accessed on 20 December 2021.

[4]Ministry of Electronics & IT, MeitY organises 25th CISO Deep Dive Training program under Cyber Surakshit Bharat initiative, Release ID: 1782189 (India, 2021), Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1782189 . Accessed on 20 December 2021.

[5]Lok Sabha, Report of the Joint Committee on the Personal Data Protection Bill, 2019’, (India, 2021), Available from: https://prsindia.org/files/bills_acts/bills_parliament/2019/Joint_Committee_on_the_Personal_Data_Protection_Bill_2019.pdf . Accessed on 30 December 2021.; Sharma, Mohit. “Joint Committee report on Data Protection Bill tabled in Both Houses of Parliament: Details”, India Today, 17 December 2021, Available from: https://www.indiatoday.in/india/story/joint-committee-report-data-protection-bill-tabled-houses-parliament-details-1888747-2021-12-17 . Accessed on 30 December 2021.

[6]Indian Computer Emergency Response Team (CERT-In), CERT-In Advisory CIAD-2021-0046: Multiple Vulnerabilities in Apache Log4j, (India, 2021), Available from: https://cert-in.org.in/. Accessed on 31 December 2021.

[7]Tidy, Joe. “Flaw prompts 100 hack attacks a minute, security company says”, BBC News, 13 December 2021, Available from: https://www.bbc.com/news/technology-59638308 . Accessed on 31 December 2021.

[8]Microsoft Threat Intelligence Centre (MSTIC), “Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability”, Microsoft, 11 December 2021, Available from: https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/ . Accessed on 30 December 2021.

[9]Government Communications Headquarters, UK and US intelligence chiefs commit to enduring combined cyber operations, (United Kingdom, 2021), Available from: https://www.gchq.gov.uk/news/cyber-management-review-2021 . Accessed on 25 December 2021.

[10]Toulas, Bill. “New Flagpro malware linked to Chinese state-backed hackers”, Bleeping Computer, 28 December 2021, Available from: https://www.bleepingcomputer.com/news/security/new-flagpro-malware-linked-to-chinese-state-backed-hackers/. Accessed on 01 January 2022.

[11]Europol, Arrest in Romania of a ransomware affiliate scavenging for sensitive data, (The Netherlands, 2021), Available from: https://www.europol.europa.eu/media-press/newsroom/news/arrest-in-romania-of-ransomware-affiliate-scavenging-for-sensitive-data . Accessed on 01 January 2022

China: Daily Scan, January 6, 2022

Regulations refine duties of discipline inspection commissions, improving leadership system: Xinhuanet
January 5, 2022

The Communist Party of China (CPC) Central Committee has released the first comprehensive set of regulations for the work of the Party’s discipline inspection commissions. The document, which was made public on Tuesday, consists of 59 articles in eight chapters, and makes comprehensive provisions for the leadership system, establishment, operations, duties and self-construction of the commissions.Click here to read…

Chinese premier stresses intensified implementation of tax, fee cuts: Xinhuanet
January 5, 2022

Chinese Premier Li Keqiang on Wednesday stressed intensifying tax and fee cuts to provide relief to businesses and revitalize the market. Li, also a member of the Standing Committee of the Political Bureau of the Communist Party of China (CPC) Central Committee, made the remarks at a symposium on the implementation of tax and fee reductions.Click here to read…

Tibet beefs up investment during 14th five-year plan: Xinhuanet
January 5, 2022

Southwest China’s Tibet Autonomous Region plans to invest 601.5 billion yuan (about 94.3 billion U.S. dollars) during its 14th Five-Year Plan period (2021-2025), according to local authorities. The number sees a growth rate of 58 percent, compared with that during the 13th Five-Year Plan (2016-2020), said the fifth session of the 11th People’s Congress of Tibet Autonomous Region.Click here to read…

Chinese scientists use telecom optical fiber to monitor aftershocks: Xinhuanet
January 5, 2022

Chinese scientists have developed a new way to monitor aftershocks by using telecom optical fiber with less deployment time and cost, the China Science Daily reported Wednesday. A research team from the Innovation Academy for Precision Measurement Science and Technology, affiliated with the Chinese Academy of Sciences, used distributed optical fiber seismic-sensing technology to turn an urban telecom optical fiber network into an ultra-dense seismic monitoring array for a rapid post-quake response.Click here to read…

Law prompts parents to educate kids properly: China Daily
January 6, 2022

Chinese parents are being encouraged to educate their children properly-morally, physically and psychologically-as a new law on family education came into effect on Jan 1. The new law became a trending topic on Sina Weibo on Monday, with the hashtag “Chinese parents now have to raise children in accordance with the law” being read more than 300 million times as of Tuesday afternoon.Click here to read…

China handles 62,000 cybercrime cases in 2021: China Daily
January 6, 2022

Amid a targeted national campaign, Chinese police in 2021 investigated and handled 62,000 cybercrime cases including personal information infringement and hacking, according to the Ministry of Public Security. A total of 103,000 individuals suspected of involvement in these cases were captured, with over 27,000 internet enterprises and institutions receiving administrative penalties, said the ministry.Click here to read…

Chinese lab achieves major achievement in wireless communication: Global Times
January 5, 2022

A high-tech laboratory in Nanjing, capital of East China’s Jiangsu Province, has announced a major achievement related to 6G-oriented terahertz 100/200Gbps (gigabits per second) real-time wireless communication, with a transmission rate 10-20 times higher than 5G networks.Click here to read…

Honda China JV announces 120,000 units-a-year EV factory: Reuters
January 6, 2022

Honda Motor Co (7267.T) and its Chinese joint venture partner Dongfeng Motor (0489.HK) said on Thursday they would build a new factory in Wuhan to exclusively manufacture electric vehicles (EVs) from 2024. The factory would have a production capacity of 120,000 vehicles a year, Honda said in a statement.Click here to read…

China may delay its much-feared property tax amid price slump in nation’s real estate industry: South China Morning Post
January 6, 2022

China’s property tax could be another casualty of the slump in the housing market, with analysts expecting the government to hold off on expanding trials of the levy because of a real estate-led economic slowdown. In October last year, China’s parliament authorised the limited property tax in Shanghai and Chongqing be expanded to more cities, with some analysts forecasting that it could begin by the end of 2021. However, the rapid deterioration of the real-estate sector and the lack of any detailed implementation plan from the State Council is fanning speculation that the government is waiting for a market uptick before it starts the tax.Click here to read…

Chinese scientists build factory robot that can read minds on the assembly line: South China Morning Post
January 6, 2022

Researchers in China say they have developed an industrial robot that can read a human co-worker’s mind with 96 per cent accuracy. The robot not only monitored the worker’s brain waves, but also collected electric signals from muscles, as it worked seamlessly together to assemble a complex product, according to its developers at China Three Gorges University’s Intelligent Manufacturing Innovation Technology Centre.Click here to read…